RECENT POSTS

Bearssl

Implementation of TLS/SSL in C

BearSSL is an implementation of the SSL/TLS protocol RFC 5246 written
in C. It aims at offering the following features

Be correct and secure. In particular, insecure protocol versions and
choices of algorithms are not supported, by design; cryptographic
algorithm implementations are constant-time by default.

Be small, both in RAM and code footprint. For instance, a minimal server
implementation may fit in about 20 kilobytes of compiled code and 25
kilobytes of RAM.

Be highly portable. BearSSL targets not only “big” operating systems
like Linux and Windows, but also small embedded systems and even special
contexts like bootstrap code.

Be feature-rich and extensible. SSL/TLS has many defined cipher suites
and extensions; BearSSL should implement most of them, and allow extra
algorithm implementations to be added afterwards, possibly from third
parties.